Impact

In affected versions, a README file with an arbitrary extension would be rendered as markup. This would allow an attacker to add a script that would be executed on the client side.
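
The defensive pattern behind this class of bug, as an added Ruby illustration that is not GitLab's code and does not reproduce its actual fix: README rendering should only take the markup path for an allowlisted set of extensions, and the markup renderer should escape author content before applying its transforms. The extension list, the tiny renderer and the sample README are all constructed for the example.

```ruby
require 'cgi'

# Extensions allowed to be rendered as markup (constructed allowlist; the real
# list is project policy). Everything else is displayed as escaped plain text.
MARKUP_EXTENSIONS = %w[.md .markdown .mdown .rst .textile].freeze

# Weak dispatch: any file named README* is treated as markup regardless of its
# extension, so the filename alone selects the HTML-producing path.
def markup_weak?(filename)
  File.basename(filename).downcase.start_with?('readme')
end

# Hardened dispatch: only a known markup extension selects the markup path.
def markup_hardened?(filename)
  MARKUP_EXTENSIONS.include?(File.extname(filename).downcase)
end

# Minimal markup renderer for the example: raw HTML in the source passes
# through untouched, which is what makes unrestricted dispatch dangerous.
def render_markup_raw(content)
  content.lines.map do |l|
    l.start_with?('# ') ? "<h1>#{l[2..].strip}</h1>" : "<p>#{l.strip}</p>"
  end.join
end

# Safe renderer: escape first, then apply the markup transforms, so author
# supplied HTML can never reach the browser unescaped.
def render_markup_safe(content)
  content.lines.map do |l|
    heading = l.start_with?('# ')
    text = CGI.escapeHTML((heading ? l[2..] : l).strip)
    heading ? "<h1>#{text}</h1>" : "<p>#{text}</p>"
  end.join
end

# Non-markup files are shown verbatim inside <pre>, fully escaped.
def render_plain(content)
  "<pre>#{CGI.escapeHTML(content)}</pre>"
end

def render_readme_weak(filename, content)
  markup_weak?(filename) ? render_markup_raw(content) : render_plain(content)
end

def render_readme_hardened(filename, content)
  markup_hardened?(filename) ? render_markup_safe(content) : render_plain(content)
end

# Constructed sample: a README with an unexpected extension carrying a script tag.
SAMPLE_README = "# Hello\n<script>alert(1)</script>\n"
```

With `render_readme_weak('README.xyz', SAMPLE_README)` the script tag reaches the page unescaped; the hardened version returns it as escaped text whether the file is treated as markup or not.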

This vulnerability was fixed in GitLab 6.5. All users running GitLab 6.4 and earlier versions should upgrade immediately.

Releases

GitLab 6.5 Community Edition is available from https://gitlab.com/gitlab-org/gitlab-ce and https://github.com/gitlabhq/gitlabhq. GitLab 6.5 Enterprise Edition is available for subscribers from GitLab Cloud. Please follow the upgrade guides from your current version to version 6.5.

Credits

Thanks to ChenQin, Network and Information Security Lab @ Tsinghua University for reporting the vulnerability.